Steve Buehler wrote: > At 09:16 AM 8/3/2005, you wrote: > >> Steve Buehler wrote: >> > At 02:09 PM 8/2/2005, you wrote: >> > >> >> > Ok. I give. What in the heck is an spf (TXT) record? Something >> that >> >> > just came out this year? I have everything that AOL requires >> now. If >> >> > that is a new term for a PTR or reverse record, then I already >> have it. >> >> >> >> It is probably an SPF record. http://spf.pobox.com/. >> >> >> >> It dictates from which IP a message for a specific domain is >> supposed to >> >> come from. >> > >> > >> > hmmmm. Is this widely used? >> >> Used by AOL, Google and many other domains. Not everyone rejects a >> message on a FAIL, though (I do, 'cause I have low mail volume). >> >> > I have never heard of it before. >> >> There is also DomainKeys, used by (at least) Yahoo and Google. It is a >> system based on public-key crypto. >> >> <snip> >> >> SPF strict records needs a domain for wich e-mail will come only from a >> specific set of servers/IP addresses. >> >> For example, my users only use Outlook/exchange to send e-mail for our >> domain. If they want to send mail from home with their office e-mail >> account, they connect using VPN, so the source is always predictable. >> This is the office's policy. If users don't respect it, their e-mails >> may be rejected. They've been warned. >> >> SPF doesn't need separate DNS servers. SPF implementation is 2 fold, >> and they're not mutually exclusive or reciprocal prerequisites. >> >> 1- You can control from which IP e-mail from your domain will come (SPF >> TXT-type DNS records) >> 2- You can perform SPF checks with your MTA and reject/warn/tag as SPAM >> messages according to the SPF result. >> >> Hope this helps. > > > Honestly I would like to see SPF become a standard that is enforced by > all ISP's. When it does, that will cut down on the marjority of spam. > It will also force the programmers of the control panels to have it > automatically put it in when a site is setup instead of it being a > separate process that requires a tech. Or at least someone other than > my boss. If it isn't done automatically, then it defeats the purpose of > having a control panel that is a one step setup process. It will all be > a headache to implement, but might be worth it to get rid of spam and > the load on servers. I will have to look into it some more and see if I > can write a script to automatically add this to dns records for the > domains that we host. > Thanks > Steve > > Be careful about your script and what kind of SPF records you write up. If you allow pop access and you don't allow SMTP access, you can't set up a strict SPF record. -- Ugo -> Please don't send a copy of your reply by e-mail. I read the list. -> Please avoid top-posting, long signatures and HTML, and cut the irrelevant parts in your replies. -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
